How to remove “Malware.AI.3001678374”?

Malware Removal

Malware.AI.3001678374 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What Malware.AI.3001678374 virus can do?

  • Executable code extraction
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Loads a driver
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Drops a binary and executes it
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities for basic functionality
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Creates a copy of itself
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

How to determine Malware.AI.3001678374?

File Info:

crc32: AFE04810
md5: 5c0331638e59621f50341ec30f80a4c0
name: 5C0331638E59621F50341EC30F80A4C0.mlw
sha1: 49de6d54841e2580251cd32a53c10dc7d5fa8300
sha256: ea45f9b3dd2e613bb9cb0659dcf6d66ca092738fc510e37226bb99542ad685c8
sha512: 2064c4a469be57f0853b5100fe95fb589bf7d65f069cc3d72431282fb53c3be7442e4fe34e6dec13623a0f4d3f37641c01d3921fe55240c71892f27decd0eaa9
ssdeep: 24576:D18sIbgCL4R3/U+9OA5VSl4NsD4ou1w9tvTL:R8DbpL8vp9OO6
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: 版权所有 (C) 2001
InternalName: ColorPickerDemo
FileVersion: 1, 0, 0, 1
CompanyName:
LegalTrademarks:
ProductName: ColorPickerDemo 应用程序
ProductVersion: 1, 0, 0, 1
FileDescription: ColorPickerDemo Microsoft 基础类应用程序
OriginalFilename: ColorPickerDemo.EXE
Translation: 0x0804 0x04b0

Malware.AI.3001678374 also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader33.52941
MicroWorld-eScan: Trojan.GenericKD.45838665
FireEye: Generic.mg.5c0331638e59621f
CAT-QuickHeal: Backdoor.Farfli
ALYac: Trojan.GenericKD.45838665
Cylance: Unsafe
Zillya: Trojan.Kryptik.Win32.2320042
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 00567b521 )
BitDefender: Trojan.GenericKD.45838665
K7GW: Trojan ( 00567b521 )
Cybereason: malicious.38e596
BitDefenderTheta: Gen:NN.ZexaF.34608.sr0@aO46sMgb
Cyren: W32/Kryptik.CAS.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Avast: Win32:Trojan-gen
ClamAV: Win.Dropper.Zegost-9837515-0
Kaspersky: Backdoor.Win32.Farfli.bsce
Alibaba: Backdoor:Win32/Farfli.8d75c291
NANO-Antivirus: Trojan.Win32.Farfli.hukckh
ViRobot: Trojan.Win32.Z.Farfli.1347584.B
Rising: Trojan.Kryptik!1.C71D (CLOUD)
Ad-Aware: Trojan.GenericKD.45838665
Emsisoft: Trojan.Crypt (A)
Comodo: Malware@#nphhdpka8gd7
F-Secure: Heuristic.HEUR/AGEN.1134997
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Backdoor.Win32.FARFLI.THBBCBA
McAfee-GW-Edition: BehavesLike.Win32.Downloader.tc
Sophos: Mal/Generic-S
SentinelOne: Static AI – Suspicious PE
Jiangmin: Backdoor.Farfli.dso
MaxSecure: Trojan.Malware.121218.susgen
Avira: HEUR/AGEN.1134997
MAX: malware (ai score=100)
Antiy-AVL: Trojan[Backdoor]/Win32.Farfli
Kingsoft: Win32.Hack.Undef.(kcloud)
Microsoft: Backdoor:Win32/Zegost.KM!MTB
Gridinsoft: Trojan.Win32.Kryptik.oa
Arcabit: Trojan.Generic.D2BB7149
ZoneAlarm: Backdoor.Win32.Farfli.bsce
GData: Trojan.GenericKD.45838665
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win32.RL_Generic.R358854
McAfee: GenericRXLN-YN!5C0331638E59
VBA32: BScope.Backdoor.Farfli
Malwarebytes: Malware.AI.3001678374
Panda: Trj/GdSda.A
ESET-NOD32: a variant of Win32/Kryptik.HDPV
TrendMicro-HouseCall: Backdoor.Win32.FARFLI.THBBCBA
Tencent: Malware.Win32.Gencirc.11ba5f6f
Yandex: Backdoor.Farfli!JJritEMmL/Q
Ikarus: Backdoor.Win32.Zegost
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/Kryptik.HDPV!tr
AVG: Win32:Trojan-gen
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_80% (D)
Qihoo-360: Win32/Backdoor.Zegost.HwcBd9sA

How to remove Malware.AI.3001678374?

Malware.AI.3001678374 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.